Update information on older CVE-2013-7484

According to the upstream information was first fixed in 5.0 but it got not backported to older branches.
author: Salvatore Bonaccorso <carnil@debian.org> 2020-11-20 22:34:34 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2020-11-20 22:36:25 +0100
commit: 760d3c4269f5a66277db2560575e8a9629d54d51 (patch)
tree: eb33e6852b820c3a56bba319bd656d54724e53dc /data/CVE/2013.list
parent: 0ea32eb37e82e2b76f8cd069ab860d980d838d4c (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/data/CVE/2013.list b/data/CVE/2013.list
index 9d97ee0a30..b7271d421b 100644
--- a/data/CVE/2013.list
+++ b/data/CVE/2013.list
@@ -25,10 +25,13 @@ CVE-2013-7486 (Cross-site scripting (XSS) vulnerability in the backend in Open-X
 CVE-2013-7485 (Cross-site scripting (XSS) vulnerability in the backend in Open-Xchang ...)
 	NOT-FOR-US: Open-Xchange App Suite
 CVE-2013-7484 (Zabbix before 5.0 represents passwords in the users table with unsalte ...)
-	- zabbix <unfixed>
+	- zabbix 1:5.0.0+dfsg-1
 	[buster] - zabbix <no-dsa> (Minor issue)
 	[stretch] - zabbix <no-dsa> (Minor issue)
 	[jessie] - zabbix <no-dsa> (Minor issue)
+	NOTE: https://support.zabbix.com/browse/ZBX-16551
+	NOTE: https://support.zabbix.com/browse/ZBXNEXT-1898
+	NOTE: https://www.zabbix.com/documentation/5.0/manual/introduction/whatsnew500#stronger_cryptography_for_passwords
 CVE-2013-7483 (The slidedeck2 plugin before 2.3.5 for WordPress has file inclusion. ...)
 	NOT-FOR-US: slidedeck2 plugin for WordPress
 CVE-2013-7482 (The reflex-gallery plugin before 1.4.3 for WordPress has XSS. ...)
author	Salvatore Bonaccorso <carnil@debian.org>	2020-11-20 22:34:34 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2020-11-20 22:36:25 +0100
commit	760d3c4269f5a66277db2560575e8a9629d54d51 (patch)
tree	eb33e6852b820c3a56bba319bd656d54724e53dc /data/CVE/2013.list
parent	0ea32eb37e82e2b76f8cd069ab860d980d838d4c (diff)